Context Window: AI Security Podcast cover art

Context Window: AI Security Podcast

Context Window: AI Security Podcast

By: Asaf Nakash
Listen for free

Context Window is your weekly AI security podcast — the biggest stories in AI security, LLM security, agentic AI risks, and cybersecurity for AI in under 15 minutes. Every story, every take, every "here's what this actually means" is curated and verified by Asaf Nakash, who builds AI security products at one of the world's largest security platforms. Two AI voices. One human editor. Zero hallucinations guaranteed — or at least we're working on it.© 2026 Asaf Nakash Politics & Government
Episodes
  • #20: One Word: Additionally
    Jul 13 2026
    Top Story: One Word Beat GitHub's Guardrail — An attacker doesn't need an account, a password, or a single line of malicious code. China flags a Claude Code "backdoor." — On July 8, China's national vulnerability database (run by the MIIT) warned that Anthropic's Claude Code versions 2.1.91 through 2.1.196 transmitted users' location and identity data back to Anthropic's servers, and urged users to uninstall or upgrade. CISA reportedly turns Mythos on its own code. — Reuters reports (sourced, not officially confirmed) that CISA's Attack Surface Evaluation team is running Anthropic's Mythos model against federal code repositories to find vulnerabilities before adversaries do, and that the audits have already surfaced previously unknown flaws. Prompt injection gets a kill chain. — A new paper, The Promptware Kill Chain, co-authored by Bruce Schneier and Ben Nassi, maps how a single hidden instruction escalates through seven stages, from initial access to lateral movement to acting on its goal, borrowing the language security teams already use to describe malware campaigns. ModelScope agent flaw, still no patch (CVE-2026-2256). — The open-source AI-agent framework can be tricked into running arbitrary system commands through its Shell tool, and there's still no vendor patch. Curator's Corner: You Can't Lower the Odds Anymore. Lower the Blast Radius. Curated by Asaf Nakash. Voices by AI. Opinions by human. Show notes: https://contextwindowsec.com/episodes/2026-07-13.html
    Show More Show Less
    11 mins
  • #19: Every Input Is a Potential Instruction
    Jul 6 2026
    Top Story: Anthropic Put Its Strongest Model Back Online. First It Had to Add a New Lock. — Three weeks ago, the US government took a commercial AI offline by order. Opening a repo with your AI assistant can hand your machine to a stranger. — Researchers at Mozilla's 0DIN group showed a clean-looking code project that compromises a developer's computer with no malicious code anywhere in it. A platform behind a million AI apps could let one customer's data leak to another. — Security firm Zafran found four flaws in Dify, a popular open-source tool for building AI apps, that let a low-privileged user cross the wall between tenants: silently reroute another company's AI conversations to a server they control, and read other tenants' uploaded documents by guessing a file's ID. Curator's Corner: Every Input Is a Potential Instruction Curated by Asaf Nakash. Voices by AI. Opinions by human. Show notes: https://contextwindowsec.com/episodes/2026-07-06.html
    Show More Show Less
    12 mins
  • #18: The Level Playing Field Is Ending
    Jun 29 2026
    Top Story: OpenAI Built Its Strongest Model Yet. Then Handed the Guest List to Washington — On Friday, June 26, OpenAI announced three new frontier models — Sol, its self-described "strongest model yet," plus Terra for everyday work and Luna as a cheaper option — and in the same breath said most people can't have them yet. The free, downloadable models are catching the paid frontier — fastest they ever have. — On the independent Artificial Analysis Intelligence Index, the leading open-weight model (Moonshot's Kimi K2.6) now ranks fourth overall and first among open models, about six points behind the top closed models from Anthropic, OpenAI, and Google — narrowing, but not matching them, and still clearly behind on the hardest tasks. Most companies deploying AI agents can't yet secure them — and some already got burned. — In a survey of 160+ security leaders, 72% said they're rolling out AI agents but only 29% have comprehensive controls for them, and about 1 in 5 has already had a security incident traced to an agent. Dream — $260M at a $3B valuation, to sell countries "sovereign AI." — Founded by ex-NSO Group CEO Shalev Hulio and former Austrian Chancellor Sebastian Kurz, Dream pitches governments on AI infrastructure they fully own and control rather than rent from foreign providers. NewCore — $66M seed at a $300M valuation, to give AI agents real identities. — Emerging from stealth, the startup (led by Dome9 founder Zohar Alon) treats AI agents as first-class members of the workforce that need managed identities and permissions, the way employees do. Curator's Corner: The Level Playing Field Is Ending Curated by Asaf Nakash. Voices by AI. Opinions by human. Show notes: https://contextwindowsec.com/episodes/2026-06-29.html
    Show More Show Less
    13 mins
adbl_web_anon_alc_button_suppression_t1
No reviews yet